There have been strict laws about the export of crypto software to certain countries. I can understand the intent, but never gauged the fact that there is nothing stopping these countries from developing their own crypto software. So why limit the export?

And in light of the recent NSA revelations, of backdoors being engineered into crypto algos, wouldn't the export of such compromised algorithms have helped to unravel secrets?

1) It's just politicians being behind the times. Of course copying open source crypto is trivial for those countries. 2) For most algorithms it's extremely unlikely that they were backdoored. 3) Writing your own implementation is risky. Most crypto code I've seen is broken, even when it builds on standard primitives like AES.
– CodesInChaos♦ Oct 1 '13 at 10:39

1 Answer

The laws you're talking about are generally part of the laws that control the export of weapons and of dual-use goods. Dual-use goods are things that can be used both for a military and for a civil purpose… cryptography is such a dual-use good.

In fact, the classification as a dual-use good is logical when you think about the fact that cryptography was born out of military needs hundreds of years ago.

In the recent decades since World War II, many governments (including the U.S. and its NATO allies) have regulated the export of cryptography for national security considerations. The cold-war era didn't really lift paranoia and security worries of countries worldwide. As late as 1997, NSA officials in the US were concerned that the widespread use of strong encryption could void their ability to provide SIGINT (signal intelligence) regarding foreign entities… including terrorist groups operating internationally.

It was only the development and public release of asymmetric key techniques and the Data Encryption Standard (DES) in the 1970s, and later the rise of the Internet, combined with the willingness of some to risk and resist prosecution, that eventually made the policy of regulating cryptography impossible to enforce. As a result, it was being relaxed in the late 1990s by the US. Several countries (but not all of them) followed their lead.

Yet, up till today, most countries have unpublished cryptographic protocols and algorithms in place that are considered top secret and are only known to and used by military intelligence and similar institutions.

Re: "…wouldn't the export of such compromised algorithms have helped to unravel secrets?"

From a civilian point of view, that indeed would make sense… and we would make our cipher public according to Kerckhoffs's principle. But you need to consider the question from the viewpoint of a state or country. If you use an algorithm to encrypt and decrypt Top Secret information which - according to your security classification - could endanger your state/country as soon as anyone gets his/her hands on that information, would you publish it?

After all, if you put your military crypto in the hands of the crowd, the crowd (including every adversary) might be able to find a flaw in your crypto. The crowd would most probably tell you by publishing successful attacks all over the internet, but your adversary would most certainly keep his mouth shut to be sure you're not aware he/she is reading everything you've encrypted.

Remember WW2, where the UK could read Enigma messages from a certain point on. They didn't tell the Germans about that for a good reason. Today, a state/country that is able to successfully attack and decrypt another state's/country's crypto would not tell anyone either.

The reasons are simple:

- it is an "attack" and therefore it could cause diplomatic issues (up to a war).
- the attacking state would lose the advantage of being able to read the attacked state's/country's message without them knowing about it.

No state/country will ever risk a war or risk losing a strategic advantage. And on the other side of the coin, no state/country will ever risk losing the secrecy of its most valuable, top secret information.

If you dive a bit into the history of diplomacy, secrecy and war, you'll soon discover that states/countries always consider ignoring Kerckhoffs's principle a small price to be paid when it adds another layer of security (through obscurity).

The reason is that — from a military point of view — every layer of security (no matter how small) adds security. Sometimes, the smallest layer of security represents the fine line between life and death.

And for the same reasons, no other state will ever rely on another's crypto to protect its Top Secret information. Yet, note that doesn't mean the cryptos by NSA and others don't contain backdoors or planned weaknesses in case an adversary should use that crypto. A nation will (most of the time) make sure there is a way to access encrypted information under worst case scenarios… especially when that nation defines such a scenario differently than another state (or a regular civilian).